SafesITe TOP DL GX4 - FIPS with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV

Certificate #1085

Webpage information

Status historical
Historical reason 01-3052 was dropped.
Validation dates 03.02.2009 , 23.02.2009 , 24.02.2011 , 06.02.2014
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Single Chip
Caveat When operated in FIPS mode
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: Level 3
  • EMI/EMC: Level 3
Description This module is based on a Gemalto Dual Interface (Contact ISO7816 and Contactless ISO14443) Open OS Smart Card with a large (128K EEPROM) memory, with a cryptographic applet suite V 2.6.2b developed by ActivIdentity. The SmartCard platform has on board Triple DES and RSA up to 2048 algorithms and provides X9.31 on board key generation. The Applet Suite supports management of 3DES keys and PINs, and provides services for authentication, access control, generic container, PKI, One Time password and Secure Messaging (SMA). The module conforms to Java Card 2.2.1, Global Platform 2.1.1 and GSC/IS 2
Version (Hardware) A1005291 - CHIP.P5CD144.MPH051B, A1011108 - CHIP.P5CD144.MPH051B and A1047808 - CHIP.P5CD144.MPH051B
Version (Firmware) GX4-FIPS EI08, Applet Versions: ACA applet package v2.6.2B.4, ASC library package v2.6.2B.3, PKI/GC/SKI applet package v2.6.2B.4, PIV End Point Wrapper module v2.6.2B.4, PIV End Point Extended module v2.6.2B.3, SMA applet package v2.6.2B.3
Vendor Gemalto and ActivIdentity Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, DES, Triple-DES, TDES, KMAC
Hash functions
SHA-1
Schemes
MAC
Randomness
PRNG, RNG
Block cipher modes
ECB, CBC

Vendor
Gemalto, Philips

Security level
Level 2, Level 3, level 1, level 2
Side-channel analysis
SPA, DPA, Timing Attacks, physical tampering, Fault Induction, Fault injection
Certification process
Integrity Mechanisms The cryptographic keys storage integrity mechanism is described in a separate confidential document called Self Test Description. 8.5.4 Cryptographic Key Zerorization The cryptographic module

Standards
FIPS140-2, FIPS 140-2, PKCS#1, PKCS1, ISO/IEC 7816, ISO/IEC 14443, ISO/IEC 7816-2, ISO/IEC 7816-3, ISO/IEC 7816-4

File metadata

Title Applet v2 Security Policy
Author Stephane Ardiley
Creation date D:20110124154838
Modification date D:20110124154838
Pages 30
Creator Microsoft® Office Word 2007
Producer Microsoft® Office Word 2007

Heuristics

No heuristics are available for this certificate.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 1085,
  "dgst": "0c0ad5934ba82dd2",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "CVL#214",
        "Triple-DES MAC#678",
        "RNG#450",
        "AES#782",
        "Triple-DES#678",
        "SHS#786",
        "RSA#372"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "2.6.2"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "2774"
        ]
      },
      "directly_referencing": null,
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "2774"
        ]
      },
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {},
      "certification_process": {
        "ConfidentialDocument": {
          "Integrity Mechanisms The cryptographic keys storage integrity mechanism is described in a separate confidential document called Self Test Description. 8.5.4 Cryptographic Key Zerorization The cryptographic module": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 9
        },
        "ECB": {
          "ECB": 7
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 13
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "# 1": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "PKCS#1": 4,
          "PKCS1": 1,
          "RSA PKCS1": 1,
          "SHA-1": 6
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 2,
          "Level 3": 2,
          "level 1": 1,
          "level 2": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 6
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "PRNG": 3
        },
        "RNG": {
          "RNG": 2
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Fault Induction": 1,
          "Fault injection": 3,
          "physical tampering": 1
        },
        "SCA": {
          "DPA": 1,
          "SPA": 1,
          "Timing Attacks": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 7,
          "FIPS140-2": 6
        },
        "ISO": {
          "ISO/IEC 14443": 6,
          "ISO/IEC 7816": 6,
          "ISO/IEC 7816-2": 1,
          "ISO/IEC 7816-3": 1,
          "ISO/IEC 7816-4": 1
        },
        "PKCS": {
          "PKCS#1": 2,
          "PKCS1": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 3
          }
        },
        "DES": {
          "3DES": {
            "TDES": 35,
            "Triple-DES": 6
          },
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "KMAC": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Gemalto": {
          "Gemalto": 32
        },
        "Philips": {
          "Philips": 2
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Stephane Ardiley",
      "/CreationDate": "D:20110124154838",
      "/Creator": "Microsoft\u00ae Office Word 2007",
      "/ModDate": "D:20110124154838",
      "/Producer": "Microsoft\u00ae Office Word 2007",
      "/Title": "Applet v2 Security Policy",
      "pdf_file_size_bytes": 693767,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 30
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "b8f443a42aa2e30c87e7ddcabb0f8c95b2e01ad595848fa06f71277253b2ca0e",
    "policy_txt_hash": "eaea7dfe2876b7acf0e6a2f4c5b1de16d3a0e2a6bec6b2b070b06f4fc4b903cc"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt1085.pdf",
    "date_sunset": null,
    "description": "This module is based on a Gemalto Dual Interface (Contact ISO7816 and Contactless ISO14443) Open OS Smart Card with a large (128K EEPROM) memory, with a cryptographic applet suite V 2.6.2b developed by ActivIdentity. The SmartCard platform has on board Triple DES and RSA up to 2048 algorithms and provides X9.31 on board key generation. The Applet Suite supports management of 3DES keys and PINs, and provides services for authentication, access control, generic container, PKI, One Time password and Secure Messaging (SMA). The module conforms to Java Card 2.2.1, Global Platform 2.1.1 and GSC/IS 2",
    "embodiment": "Single Chip",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Physical Security: Level 3",
      "EMI/EMC: Level 3"
    ],
    "fw_versions": "GX4-FIPS EI08, Applet Versions: ACA applet package v2.6.2B.4, ASC library package v2.6.2B.3, PKI/GC/SKI applet package v2.6.2B.4, PIV End Point Wrapper module v2.6.2B.4, PIV End Point Extended module v2.6.2B.3, SMA applet package v2.6.2B.3",
    "historical_reason": "01-3052 was dropped.",
    "hw_versions": "A1005291 - CHIP.P5CD144.MPH051B, A1011108 - CHIP.P5CD144.MPH051B and A1047808 - CHIP.P5CD144.MPH051B",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "SafesITe TOP DL GX4 - FIPS with ActivIdentity Digital Identity Applet Suite V2 for Extended PIV",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2009-02-03",
        "lab": "SAIC-VA",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2009-02-23",
        "lab": "",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2011-02-24",
        "lab": "SAIC-VA",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2014-02-06",
        "lab": "",
        "validation_type": "Update"
      }
    ],
    "vendor": "Gemalto and ActivIdentity Inc.",
    "vendor_url": "http://www.gemalto.com"
  }
}